Support setting bind address in config.

Author: tmpfs

crates/server/src/config.rs

@@ -2,6 +2,7 @@
 use serde::{Deserialize, Serialize};
 use std::{
     collections::HashSet,
+    net::{IpAddr, Ipv4Addr, SocketAddr},
     path::{Path, PathBuf},
 };
 use url::Url;
@@ -22,7 +23,7 @@ pub struct ServerConfig {
     pub access: Option<AccessControlConfig>,
 
     /// Configuration for the network.
-    pub net: Option<NetworkConfig>,
+    pub net: NetworkConfig,
 
     /// Path the file was loaded from used to determine
     /// relative paths.
@@ -79,17 +80,35 @@ impl AccessControlConfig {
 }
 
 /// Server network configuration.
-#[derive(Debug, Default, Clone, Serialize, Deserialize)]
+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(default)]
 pub struct NetworkConfig {
+    /// Bind address for the server.
+    pub bind: SocketAddr,
+
     /// SSL configuration.
     pub ssl: SslConfig,
 
     /// Configuration for CORS.
     pub cors: Option<CorsConfig>,
 }
 
+impl Default for NetworkConfig {
+    fn default() -> Self {
+        Self {
+            bind: SocketAddr::new(
+                IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)),
+                5053,
+            ),
+            ssl: Default::default(),
+            cors: None,
+        }
+    }
+}
+
 /// Server SSL configuration.
 #[derive(Debug, Default, Clone, Serialize, Deserialize)]
+#[serde(rename_all = "lowercase")]
 pub enum SslConfig {
     /// Default HTTP transport.
     #[default]
@@ -159,24 +178,31 @@ impl ServerConfig {
 
         let dir = config.directory();
 
-        let mut ssl = config.net.as_mut().map(|n| &mut n.ssl);
-        if let Some(ssl) = ssl.as_mut() {
-            if let SslConfig::Tls(tls) = ssl {
-                if tls.cert.is_relative() {
-                    tls.cert = dir.join(&tls.cert);
-                }
-                if tls.key.is_relative() {
-                    tls.key = dir.join(&tls.key);
-                }
-
-                tls.cert = tls.cert.canonicalize()?;
-                tls.key = tls.key.canonicalize()?;
+        if let SslConfig::Tls(tls) = &mut config.net.ssl {
+            if tls.cert.is_relative() {
+                tls.cert = dir.join(&tls.cert);
             }
+            if tls.key.is_relative() {
+                tls.key = dir.join(&tls.key);
+            }
+
+            tls.cert = tls.cert.canonicalize()?;
+            tls.key = tls.key.canonicalize()?;
         }
 
         Ok(config)
     }
 
+    /// Set the server bind address.
+    pub fn set_bind_address(&mut self, addr: SocketAddr) {
+        self.net.bind = addr;
+    }
+
+    /// Server bind address.
+    pub fn bind_address(&self) -> &SocketAddr {
+        &self.net.bind
+    }
+
     /// Parent directory of the configuration file.
     fn directory(&self) -> PathBuf {
         self.file

crates/server/src/main.rs

@@ -44,8 +44,8 @@ mod cli {
         /// Start a server.
         Start {
             /// Bind to host:port.
-            #[clap(short, long, default_value = "0.0.0.0:5053")]
-            bind: String,
+            #[clap(short, long)]
+            bind: Option<String>,
 
             /// Config file to load.
             config: PathBuf,
@@ -104,21 +104,25 @@ mod cli {
         }
 
         /// Start a web server.
-        pub async fn start(bind: String, config: PathBuf) -> Result<()> {
-            let config = ServerConfig::load(&config).await?;
+        pub async fn start(
+            bind: Option<String>,
+            config: PathBuf,
+        ) -> Result<()> {
+            let mut config = ServerConfig::load(&config).await?;
+
+            if let Some(bind) = bind {
+                let addr = SocketAddr::from_str(&bind)?;
+                config.set_bind_address(addr);
+            }
+
             let backend = config.backend().await?;
 
-            let state = Arc::new(RwLock::new(State {
-                config,
-                sockets: Default::default(),
-            }));
+            let state = Arc::new(RwLock::new(State::new(config)));
 
             let handle = Handle::new();
-
-            let addr = SocketAddr::from_str(&bind)?;
             let server = Server::new(backend.directory()).await?;
             server
-                .start(addr, state, Arc::new(RwLock::new(backend)), handle)
+                .start(state, Arc::new(RwLock::new(backend)), handle)
                 .await?;
             Ok(())
         }

crates/server/src/server.rs

@@ -48,8 +48,18 @@ use super::handlers::relay::{upgrade as relay_upgrade, RelayState};
 pub struct State {
     /// The server configuration.
     pub config: ServerConfig,
-    /// Map of websocket  channels by connection identifier.
-    pub sockets: HashMap<Address, WebSocketAccount>,
+    /// Map of websocket channels by account identifier.
+    pub(crate) sockets: HashMap<Address, WebSocketAccount>,
+}
+
+impl State {
+    /// Create new server state.
+    pub fn new(config: ServerConfig) -> Self {
+        Self {
+            config,
+            sockets: Default::default(),
+        }
+    }
 }
 
 /// State for the server.
@@ -93,30 +103,29 @@ impl Server {
     /// Start the server.
     pub async fn start(
         &self,
-        addr: SocketAddr,
         state: ServerState,
         backend: ServerBackend,
         handle: Handle,
     ) -> Result<()> {
         let reader = state.read().await;
         let origins = Server::read_origins(&reader)?;
-        let ssl = reader.config.net.as_ref().map(|n| n.ssl.clone());
+        let ssl = reader.config.net.ssl.clone();
+        let addr = reader.config.bind_address().clone();
         drop(reader);
 
         match ssl {
-            Some(SslConfig::Http) => {
+            SslConfig::Http => {
                 self.run(addr, state, backend, handle, origins).await
             }
-            Some(SslConfig::Tls(tls)) => {
+            SslConfig::Tls(tls) => {
                 self.run_tls(addr, state, backend, handle, origins, tls)
                     .await
             }
             #[cfg(feature = "acme")]
-            Some(SslConfig::Acme(acme)) => {
+            SslConfig::Acme(acme) => {
                 self.run_acme(addr, state, backend, handle, origins, acme)
                     .await
             }
-            None => self.run(addr, state, backend, handle, origins).await,
         }
     }
 
@@ -244,12 +253,7 @@ impl Server {
         reader: &RwLockReadGuard<'_, State>,
     ) -> Result<Vec<HeaderValue>> {
         let mut origins = Vec::new();
-        let cors = reader
-            .config
-            .net
-            .as_ref()
-            .map(|n| n.cors.as_ref())
-            .flatten();
+        let cors = reader.config.net.cors.as_ref();
         if let Some(cors) = cors {
             for url in cors.origins.iter() {
                 origins.push(HeaderValue::from_str(

crates/test_utils/src/lib.rs

@@ -94,21 +94,14 @@ impl MockServer {
         // Override the storage path to use the path
         // using the test identifier
         config.storage.path = self.path.clone();
+        config.set_bind_address(self.addr);
 
         let backend = config.backend().await?;
-        let state = Arc::new(RwLock::new(State {
-            config,
-            sockets: Default::default(),
-        }));
+        let state = Arc::new(RwLock::new(State::new(config)));
 
         let server = Server::new(backend.directory()).await?;
         server
-            .start(
-                self.addr.clone(),
-                state,
-                Arc::new(RwLock::new(backend)),
-                self.handle.clone(),
-            )
+            .start(state, Arc::new(RwLock::new(backend)), self.handle.clone())
             .await?;
         Ok(())
     }

sandbox/acme.toml

@@ -1,12 +1,14 @@
 [storage]
 path = "./accounts"
 
+[net]
+bind = "0.0.0.0:443"
+
 # To use the Let's Encrypt ACME TLS provider you must:
 #
 # 1. Change the domain name and email address
 # 2. Ensure the DNS points to a public IP address
-# 3. Start the server on port 443
-# 4. Ensure the `production` flag is set to `true`
+# 3. Ensure the `production` flag is set to `true`
 #
 # If the production flag is not set then you will get 
 # an error attempting to connect to the server as a 
@@ -21,9 +23,9 @@ path = "./accounts"
 # 
 # You can then check the connection, eg:
 #
-# curl -vL https://acme.saveoursecrets.com
+# curl -vL https://acme.example.com
 [net.ssl.acme]
 cache = "sandbox/acme-cache"
-domains = ["acme.saveoursecrets.com"]
-email = ["acme@saveoursecrets.com"]
+domains = ["acme.example.com"]
+email = ["acme@example.com"]
 production = false

sandbox/config-backup.toml

@@ -1,2 +1,5 @@
 [storage]
 path = "./accounts-backup"
+
+[net]
+bind = "0.0.0.0:5054"

sandbox/config.toml

@@ -1,6 +1,9 @@
 [storage]
 path = "./accounts"
 
+[net]
+bind = "0.0.0.0:5053"
+
 #[access]
 #allow = [
   #"0x6f4e977644ca8f21d335ab13271616b615ea28cb"